排序
Apache Solr <= 8.8.1 SSRF(CVE-2021-27905)
漏洞标题 Apache Solr <= 8.8.1 SSRF(CVE-2021-27905) 漏洞描述 Apache Solr中的ReplicationHandler(通常注册在Solrcore下的“/replication”)有一个“masterUrl”(也称为“leaderUrl”别...
2021年4月23日 11:56CVE-2021-32789: WooCommerce Blocks 2.5 to 5.5 – Unauthenticated SQL Injection
漏洞标题 CVE-2021-32789: WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection 漏洞描述 woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg B...
2021年4月23日 09:03CVE-2021-41878: i-Panel Administration System 2.0 – Cross-Site Scripting
漏洞标题 CVE-2021-41878: i-Panel Administration System 2.0 - Cross-Site Scripting 漏洞描述 i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enab...
2021年4月23日 02:48CVE-2021-24295: Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection
漏洞标题 CVE-2021-24295: Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection 漏洞描述 It was possible to exploit an Unauthenticated ...
2021年4月23日 00:51CVE-2021-26855: Microsoft Exchange Server Remote Code Execution
漏洞标题 CVE-2021-26855: Microsoft Exchange Server Remote Code Execution 漏洞描述 Microsoft Exchange Server Remote Code Execution Vulnerability PoC代码
2021年4月22日 23:51CVE-2021-37292: KevinLAB BEMS (Building Energy Management System) – Backdoor Account
漏洞标题 CVE-2021-37292: KevinLAB BEMS (Building Energy Management System) - Backdoor Account 漏洞描述 KevinLAB BEMS has an undocumented backdoor account, and these sets of credent...
2021年4月22日 23:49CVE-2021-4462: Employee Records System 1.0 – Unauthenticated File Upload RCE
漏洞标题 CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE 漏洞描述 Employee Records System version 1.0 contains an unrestricted file upload vulnerabilit...
2021年4月22日 21:41CVE-2021-46071: ehicle Service Management System 1.0 – Cross-Site Scripting
漏洞标题 CVE-2021-46071: ehicle Service Management System 1.0 - Cross-Site Scripting 漏洞描述 Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerabi...
2021年4月22日 21:26CVE-2021-24910: WordPress Transposh Translation <1.0.8 - Cross-Site Scripting
漏洞标题 CVE-2021-24910: WordPress Transposh Translation <1.0.8 - Cross-Site Scripting 漏洞描述 WordPress Transposh Translation plugin before 1.0.8 contains a reflected cross-si...
2021年4月22日 20:18CVE-2021-34624: WordPress ProfilePress 3.0-3.1.3 – Arbitrary File Upload
漏洞标题 CVE-2021-34624: WordPress ProfilePress 3.0-3.1.3 - Arbitrary File Upload 漏洞描述 A vulnerability in the file uploader component found in the ~/src/Classes/FileUploader.ph...
2021年4月22日 19:24CVE-2021-29490: Jellyfin 10.7.2 – Server Side Request Forgery
漏洞标题 CVE-2021-29490: Jellyfin 10.7.2 - Server Side Request Forgery 漏洞描述 Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticate...
2021年4月22日 12:10CVE-2021-24316: WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting
漏洞标题 CVE-2021-24316: WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting 漏洞描述 WordPress Mediumish theme 1.0.47 and prior contains an unauthenticated reflected cros...
2021年4月22日 10:40CVE-2021-46073: Vehicle Service Management System 1.0 – Cross Site Scripting
漏洞标题 CVE-2021-46073: Vehicle Service Management System 1.0 - Cross Site Scripting 漏洞描述 Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability v...
2021年4月22日 08:59Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805)
漏洞标题 Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts< 2.5.30存在OGNL表达式注入漏...
2021年4月22日 08:23CVE-2021-24212: WooCommerce Help Scout – Arbitrary File Upload
漏洞标题 CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload 漏洞描述 WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerabili...
2021年4月22日 00:46Apache Tapestry远程代码执行(CVE-2021-27850 )
漏洞标题 Apache Tapestry远程代码执行(CVE-2021-27850 ) 漏洞描述 Apache Tapestry 5.4.5、5.5.0、5.6.2 and 5.7.0。在CVE-2019-0195中,通过操纵classpath资产文件URL,攻击者可以在classpath...
2021年4月21日 23:38
